An average of 2 960 attacks. This is the number of cyberattacks that the average organisation in Africa is subjected to – every week! It’s a staggering number – and it’s growing rapidly every year. This year’s number was up 37% from the year before, according to Checkpoint Research.
Not only is Africa suffering thousands of cyberattacks, it is also the region with the highest weekly average on earth. The global average is 1 636 attacks per week.
Cyberattacks are now part and parcel of the business landscape – and Africa is a major target. Given the sheer scale of the problem, cybersecurity is a fundamental requirement for any business, NGO or government entity trying to operate on the continent.
Cyber vulnerabilities
What makes Africa particularly vulnerable is the continent’s lack of infrastructure and resources due to budget limitations; a lack of awareness of the truly critical nature of the problem; legislative and policy lethargy; and a continuing shortage of trained cybersecurity professionals.
Another vulnerability is the continent’s youthful population. While an enormous asset, having a young population also comes with risks. Already, 70% of Africa’s population is under 30, according to the United Nations (https://apo-opa.co/3Y0XIFh), and that youth component is only going to grow.
Young people often lack financial resources and become accustomed to compromising their cybersecurity in order to access connectivity – whether through sharing devices, connecting to wi-fi in public places, or using unencrypted connections.
Another risk is that the youth-focused education sector has become the industry suffering the most cyberattacks. This is partly due to the rise in online education since the Covid-19 pandemic.
Education and research institutions are also often prime targets for cyber criminals, due to the sensitive information they hold and the fact that remote education often involves multiple groups of online users.
Content piracy
Young people are also enthusiastic users of entertainment content. This may make them more willing to seek out pirated content, which comes with significant risks – malware, ransomware, fraud and identity theft, to name just a few.
These risks have seen the rise of the Partners Against Piracy initiative, with entertainment group MultiChoice Africa and cybersecurity firm Irdeto – a pan-African coalition to fight content piracy.
This anti-piracy initiative has made significant strides, with Irdeto and other key stakeholders having conducted around 155 raids across Africa in 2024; and 4 351 pirate-content networks having been closed down.
Frikkie Jonker, the Broadcasting Cybersecurity Anti-Piracy Director at Irdeto (MultiChoice Group subsidiary company) commented that Africa’s Police and court systems are also making steady advances in combating content piracy. There have been updates to cybercrime legislation in Nigeria, Kenya and Tanzania, and a total of 107 arrests have been made across Africa this year.
Despite the risk of piracy in youth-culture channels, Africa’s youth dividend is a significant advantage as the world embraces connected, digital economies. The GSMA predicts that by 2030, Africa will have 438 million mobile internet users – a cohort of savvy, digital natives, ready to work and do business online.
This rapid digital transformation increases the need for robust cybersecurity in African economies. The threat is real. In 2023, Checkpoint found only seven African countries ranked among the top 50 for cybersecurity readiness.
Boosting resilience
Increasing the continent’s resilience against cyber threats will require initiatives on several fronts…
Awareness and education: It’s critical to build cybersecurity education into school curriculums corporate training programmes and public-awareness campaigns.
Investment: Cybersecurity is a sophisticated, specialised area, best managed by experts with relevant, up-to-the-minute skills. Organisations must budget to enlist these experts to build robust cybersecurity frameworks.
Legislation: Cybersecurity considerations must be integrated into policies to ensure that cyber-resilience is legislated, and cybercriminals are prosecuted and jailed. This requires international, cross-sectoral cooperation.
Infrastructure protection: Cybersecurity requires information security infrastructure – a massive weakness in Africa. Reports show that 90% of African businesses operate without comprehensive cybersecurity protocols. Inadequate or outdated infrastructure limits their ability to detect, prevent, and respond to cyberattacks effectively.
Public-private partnerships: The private sector has cybersecurity expertise and agile industry knowledge. Governments have budgets and the policy strength to get things done. A co-ordinated, partnership approach is the ideal way to unlock these respective competencies for everyone’s benefit.
National functions like health, education, social services and justice are all dependent on digital platforms. Neglecting cybersecurity places the delivery of all these services at risk.
On the upside, future careers will increasingly rely on digital skills and digital platforms. These platforms must be secured if Africa’s people are going to be able to build businesses, campaigns and other initiatives in the digital space.
As a continent, we simply cannot afford to ignore the importance of building cyber-resilience to secure the future of Africa’s people